<?php

if($actPost=="Login")
{
	ImportClass('captcha');
	if (PhpCaptcha::Validate($_POST['codespam'])==false && LOGIN_SPAM==true)
	{
        page_transfer("Spam code invalible!!","opt=login");
		exit();
	}

	$username = mysql_escape_string(isset($_POST["tUsername"]) ? strip_tags($_POST["tUsername"]) : '');
	$password = mysql_escape_string(isset($_POST["tPassword"]) ? $_POST["tPassword"] : '');

	if(Login($username,$password))
	{
        $pagetr     = gpc_getSession("urlref","default.php");
		$msg = "Logining...!!";
	    page_transfer($msg,$pagetr,false,0);
		exit();
	}else
	{
		page_transfer($error_function,"opt=login");
	}
}

//////////main page----------------
if(LOGIN_MOD==1)
{
	if(!empty($_SERVER["PHP_AUTH_USER"]) && !empty($_SERVER["PHP_AUTH_PW"]))
	{
		if(Login($_SERVER["PHP_AUTH_USER"],$_SERVER["PHP_AUTH_PW"]))
		{
            $urlref     = gpc_getSession("urlref","default.php");
			header("Location: $urlref");
			exit();
		}
	}
	header("WWW-Authenticate: Basic realm=");
	//header("HTTP/1.0 401 Unauthorized");
	exit("false");
}

$codelog			=md5(rand(234234,65623334));
$_SESSION['codelog']=$codelog;
?>